Re: [Pki-users] Questions on customizing certificate profiles
Hi @ all,
I also tried to change from "SHA1withRSA" to "SHA256withRSA" by
editing the
config files. No luck!
I found, this is hard-coded in the sources, for example in:
- pki-common-1.3.2/src/com/netscape/cms/servlet/csadmin/SizePanel.java
- pki-common-1.3.2//src/com/netscape/cmscore/security/CASigningCert.java
Just look for "SHA1withRSA" in the files, I don't think this are just
fallbacks.
Best regards,
Oli
Am Mittwoch, 7. April 2010 03:27:04 schrieb Chandrasekar Kannan:
On 04/06/2010 05:08 PM, Arshad Noor wrote:
> The only option that is visible under Advanced is the key-size
> for each of the certificate-types. The hash algorithm does not
> show up at all.
>
> Even the default, as mentioned by Step 8, is not the default as
> the last 10-12 installs have shown:
>
> * SHA256withRSA (the default)
>
> So, the question is: is the current build of DogTag in the pki
> repository identical to RHCS 8.0 or is it a different version?
It might very well be ... we can look at the svn commits
to be really sure...
> Arshad Noor
> StrongAuth, Inc.
>
> Chandrasekar Kannan wrote:
>> the installation wizard should provide 'options' under the advanced
>> section for you to be able to select the alg to use. Have you tried
>> doing Step (8) from here ?
>> http://www.redhat.com/docs/manuals/cert-system/8.0/install/html/Configur
>>ing_a_CA.html
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users
--
Oliver Burtchen, Berlin